package light.head.controller.sys;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import light.head.constant.Msg;
import light.head.constant.Parm;
import light.head.constant.Sys;
import light.head.constant.Url;
import light.head.dao.sys.OrganDAO;
import light.head.dao.sys.UserInfoDAO;
import light.head.framework.base.BaseController;
import light.head.framework.utils.MD5Utils;
import light.head.model.Organ;
import light.head.model.UserInfo;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

@Controller
public class LoginController extends BaseController {
	
	private UserInfoDAO userDAO;
	private OrganDAO organDAO;

	@RequestMapping(value = Url.C_BS_LOGIN_1)
	public ModelAndView login1(HttpServletRequest request, HttpServletResponse response) throws Exception {
		String agent = request.getHeader("user-agent");
		if (agent.indexOf(Sys.Android) != -1 || agent.indexOf(Sys.iPhone) != -1 
				|| agent.indexOf(Sys.Windows_Phone) != -1 || agent.indexOf(Sys.iPad) != -1 || agent.indexOf(Sys.iPod) != -1) {
			return new ModelAndView(Url.MOBILE_LOGIN); // 跳转手机版登陆页面
		} 
		return new ModelAndView(Url.BS_LOGIN);
//		return new ModelAndView(Url.MOBILE_LOGIN); // 跳转手机版登陆页面
	}
	
	@RequestMapping(value = Url.C_BS_LOGIN_2)
	public void login2(HttpServletRequest request, HttpServletResponse response) throws Exception {
		String email = request.getParameter(Parm.EMAIL);
		String pwd = request.getParameter(Parm.PWD);
		
		if (!isNotNull(email) || !isNotNull(pwd)) {
			response.getWriter().print(Msg.PARAMETER_ERROR);
			return;
		}
		UserInfo user = userDAO.getByEmail(email);
		if (null == user) {
			print(response, Msg.NOT_FIND);
			return;
		} else if (!user.getPwd().equals(MD5Utils.encryptTo32(pwd))) {
			print(response, Msg.PWD_ERROR);
			return;
		} else {
			if (true == user.getDeleted() && !Sys.ADMIN.equals(user.getEmail())) {
				print(response, Msg.DELETED);
			} else if (null == user.getRc() && !Sys.ADMIN.equals(user.getEmail()) 
						&& organDAO.getRoot(user.getOc()).getCode().intValue() != user.getOc().intValue() 
						&& (null == user.getIsManager() || !user.getIsManager())) {
				print(response, Msg.DELETED);		// 如果是根机构管理员才能看到所有权限，如果是子机构管理员，没有角色也是不能登陆的
				return;
			} else {
				HttpSession session = request.getSession();
				session.setAttribute(Parm.CU_CODE, user.getCode());
				session.setAttribute(Parm.CU_EMAIL, user.getEmail());
				session.setAttribute(Parm.CU_REAL_NAME, user.getRealName());
				
				// 在拦截器中使用该角色code判断是否有操作权限
				session.setAttribute(Parm.CU_ROLE_CODE, user.getRc());
				session.setAttribute(Parm.CU_IS_MANAGER, user.getIsManager());
				session.setAttribute(Parm.CU_ORGAN_TYPE_CODE, user.getOtc());

				// 在所有业务操作中，都需要该属性来判断用户能查询的数据
				session.setAttribute(Parm.CU_ORGAN_CODE, user.getOc());
				session.setAttribute(Parm.CU_ORGAN_NAME, user.getOn());
				
				Organ root = organDAO.getRoot(user.getOc());
				if(root == null && !email.equals("admin@ish365.com")){
					print(response, Msg.EXISTS);
					return;
				}
				session.setAttribute(Parm.CU_ROOT_ORGAN_CODE, null != root ? root.getCode() : null);
				
				// 页面样式需要使用
				session.setAttribute(Parm.CU_PAGE_STYLE, user.getPageStyle());

				print(response, Msg.SUCCESS);
			}
		}
	}

	@RequestMapping(value = Url.C_BS_LOGINOUT)
	public ModelAndView loginout(HttpServletRequest request, HttpServletResponse response) throws Exception {
		if (null == cu_code(request)) {
			request.setAttribute(Parm.INFO, Msg.NO_LOGIN);
			return new ModelAndView(Url.BS_LOGIN);
		} else {
			HttpSession session = request.getSession();
			
			/************** 以上方式不能正确退出 使用以下方式退出 ***********/
			session.setAttribute(Parm.CU_CODE, null);
			session.setAttribute(Parm.CU_EMAIL, null);
			session.setAttribute(Parm.CU_UNAME, null);
			session.setAttribute(Parm.CU_REAL_NAME, null);
			
			// 在拦截器中使用该角色code判断是否有操作权限
			session.setAttribute(Parm.CU_ROLE_CODE, null);
			session.setAttribute(Parm.CU_IS_MANAGER, null);
			session.setAttribute(Parm.CU_ORGAN_TYPE, null);
			
			// 在所有业务操作中，都需要该属性来判断用户能查询的数据
			session.setAttribute(Parm.CU_ORGAN_CODE, null);
			session.setAttribute(Parm.CU_ORGAN_NAME, null);
			session.setAttribute(Parm.CU_ROOT_ORGAN_CODE, null);
			
			// 页面样式需要使用
			session.setAttribute(Parm.CU_PAGE_STYLE, null);
			/**************************************************/
			
			
			
			
			

			session.removeAttribute(Parm.CU_CODE);
			session.removeAttribute(Parm.CU_EMAIL);
			session.removeAttribute(Parm.CU_UNAME);
			session.removeAttribute(Parm.CU_REAL_NAME);
			session.removeAttribute(Parm.CU_ROLE_CODE);
			session.removeAttribute(Parm.CU_IS_MANAGER);
			session.removeAttribute(Parm.CU_ORGAN_TYPE);
			session.removeAttribute(Parm.CU_ORGAN_CODE);
			session.removeAttribute(Parm.CU_ORGAN_NAME);
			session.removeAttribute(Parm.CU_ROOT_ORGAN_CODE);
			session.removeAttribute(Parm.CU_IS_MANAGER);
			session.removeAttribute(Parm.CU_PAGE_STYLE);
			
			
			
			
			
			
			
			

			session.invalidate();
			request.setAttribute(Parm.INFO, Msg.LOGINOUT_SUCCESS);
			
			String agent = request.getHeader("user-agent");
			if (agent.indexOf(Sys.Android) != -1 || agent.indexOf(Sys.iPhone) != -1 
					|| agent.indexOf(Sys.Windows_Phone) != -1 || agent.indexOf(Sys.iPad) != -1 || agent.indexOf(Sys.iPod) != -1) {
				return new ModelAndView(Url.MOBILE_LOGIN); // 跳转手机版登陆页面
			} else {
				return new ModelAndView(Url.BS_LOGIN);
			}
		}
	}
	
	@Autowired
	public void setUserDAO(UserInfoDAO userDAO) {
		this.userDAO = userDAO;
	}
	@Autowired
	public void setOrganDAO(OrganDAO organDAO) {
		this.organDAO = organDAO;
	}
}
